Cybersecurity Blog
Thought leadership. Threat analysis. Cybersecurity news and alerts.
To this day, LinkedIn is still, by far, the most useful professional social network. Though there have been many concerns about members being targeted by salespeople, the issue is inevitable. As someone who makes purchasing recommendations and decisions for multiple companies, even before LinkedIn was founded and became popular, I was getting at least 3 calls a day from the sales forces of various organizations. Today I want to recommend my top 3 cybersecurity companies to follow on LinkedIn. All 3 are hand-picked for a variety of reasons. Following any of those listed will most likely help you develop a better understanding of information and cybersecurity related issues. I've listed them in no particular order, as I believe all 3 truly deserve to be followed.

Imperva

According to their LinkedIn profile, Imperva® (NYSE:IMPV) is a leading provider of cyber security solutions that protect business-critical data and applications in the cloud as well as on-premises. The company's SecureSphere, CounterBreach, Incapsula and Skyfence product lines enable enterprises to discover assets and risks and protect valuable information (such as intellectual property, business plans, trade secrets, customer and employee information, and the day-to-day data that drives your business). They also offer services that enable your business to comply with the myriad of increasingly stringent data protection regulations and mandates, as well as enforce policies, entitlements and audit controls. Having worked with Imperva for over 10 years, I can attest to the fact that their staff is a great bunch of dedicated, diverse and highly skilled folks. Their customer service and support line is truly one of the most efficient in the industry, with nearly instant response. They never hide behind an email wall, and are always there, in person, when you need them most.
If you are interested in web application protection (and you should be), including DDoS protection and website acceleration, you should follow Imperva.

The Herjavec Group

I happen to recall the time when Robert Herjavec founded the company. In fact, I believe I was one of the first customers of The Herjavec Group; they assisted March of Dimes Canada by implementing an email security appliance. Since that day, I have been virtually following Robert and his company. As the company grew, many things changed, including product and service offerings, people and offices. The one thing that has not changed is their sense of pride, its core people and their quality of service. In addition to the timely updates that the company provides on LinkedIn and other social networks, if you haven't already, you should also consider following Robert, as he often shares the stories and wisdom that made him into a Canadian success story.

Checkmarx

No longer a startup, this Israeli success story does not cease to amaze. In the early days, they identified a problem: automated code security software was cumbersome and unaffordable for SMBs. They created something that did not rely on heavy and complex deployment requirements and was truly affordable for virtually any size of organization. Like every other startup, as the company matured it began attracting major talent, allowing them to close large deals while winning against seasoned enterprise players such as HP and IBM. More often than not, they deliver high quality content on LinkedIn in an attempt to raise awareness, ensuring top executives understand the importance of software code security.

Why do we fall victim to email phishing attacks?
Cyber criminals are crafty when it comes to email phishing attacks. Judging by the results of the most recent Google email phishing campaign, they are succeeding. Cyber criminals are smart, knowledgeable and will stop at nothing to achieve their goal, which is to acquire your personal information and use it against you and the people on your contact list.
Almost daily, people receive fake emails asking for their personal information, such as user IDs and passwords. These phishing emails can be disguised as if they came from your bank, your email provider, a government agency or even your employer. Cybercrime gangs often prey on our own cybersecurity illiteracy and laziness. Let me ask you a few questions:
Since cybersecurity illiteracy is what cybercriminals use to their advantage, cybersecurity literacy and awareness are a good antidote.

The easiest way to spot a phishing email
Most fake emails can be spotted by simply looking at the "from" email address. An email from a fake sender would look something like this: Google Support <[email protected]>. This is definitely a fake. It might not be obvious, but an email from Google would most certainly come from [email protected]. The part to check is the domain after the @ in the actual address, not the display name in front of it: the display name can say anything, and attackers also register lookalike domains or bury the brand name in a subdomain (for example google.com followed by an unrelated domain). Even a correct-looking address can be forged unless the receiving mail system verifies it with SPF, DKIM and DMARC, so treat the sender address as a first filter, not proof.
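As an added example (not code from the original post), the following Python script applies the "look at the real From address" check to a few constructed headers. It parses the display name and the actual address, then flags the patterns described above: a display name that claims a brand while the registrable domain belongs to someone else, a brand name buried in a subdomain (google.com.evil-login.net), a second address shown in the display name, and non-ASCII lookalike characters in the domain. The brand-to-domain allowlist is an assumption made for the example.

```python
"""Heuristic checks on an e-mail From: header for the impersonation pattern
described above. Added example; not the blog's own code."""
import re
from email.utils import parseaddr

# Constructed allowlist for this example: brand keyword -> registrable domains the
# brand really sends from. A production filter would maintain this list and
# combine the result with SPF/DKIM/DMARC verification.
BRAND_DOMAINS = {
    "google": {"google.com", "gmail.com"},
    "paypal": {"paypal.com"},
    "microsoft": {"microsoft.com", "outlook.com"},
}


def registrable_domain(host: str) -> str:
    """Last two labels of the host name. Simplification: a real implementation
    uses the Public Suffix List so that e.g. example.co.uk is handled correctly."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_from(header: str) -> list[str]:
    """Return a list of findings for one From: header; empty means nothing suspicious."""
    findings = []
    name, addr = parseaddr(header)
    if "@" not in addr:
        return ["malformed or missing address"]
    host = addr.rpartition("@")[2].lower()
    reg = registrable_domain(host)

    # 1. Non-ASCII characters in the domain: possible homoglyph / IDN lookalike.
    if any(ord(c) > 127 for c in host):
        findings.append(f"non-ASCII characters in sender domain {host!r}")

    # 2. The display name shows an address that differs from the real one.
    shown = re.search(r"[\w.+-]+@[\w.-]+", name)
    if shown and shown.group(0).lower() != addr.lower():
        findings.append(f"display name shows {shown.group(0)} but real sender is {addr}")

    # 3. The display name or host name claims a brand the registrable domain does
    #    not own; this also catches the brand hidden in a subdomain.
    haystack = f"{name} {host}".lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in haystack and reg not in domains:
            findings.append(f"claims {brand} but sender domain is {reg}")
    return findings


# Constructed sample headers for the example.
SAMPLE_HEADERS = [
    "Google Support <support@google.com>",
    "Google Support <support@google-accounts.net>",
    "Google <security@google.com.evil-login.net>",
    '"support@google.com" <bad@evil.net>',
    "Google <help@g\u043e\u043egle.com>",  # Cyrillic 'o' homoglyphs
]

if __name__ == "__main__":
    for h in SAMPLE_HEADERS:
        print(h, "->", check_from(h) or "ok")
```

Parsing the header tells you what the sender claims, not whether the claim was verified; in a real filter this check sits next to the SPF, DKIM and DMARC results, because an attacker can also put the legitimate address in From: when the receiving side does not enforce DMARC.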
In any event, here is the easiest way to spot a phishing scam. Please remember it, print it out and share it with others: if you receive an email in which someone asks for your personal information, including your user ID and/or passwords, with a sense of urgency, it is most likely a phishing scam. Why? Because your bank, your email provider, or your employer WILL NEVER ASK FOR YOUR PERSONAL INFORMATION VIA EMAIL. For example, you receive an email that appears to be from your bank and looks something like this:

"Dear customer, This is to inform you that due to suspicious activity, your savings account has been locked. Please click here to change your password immediately to regain access to your account. Sincerely, Customer Service Manager"

While it appears legitimate, your bank will never ask you to provide any personal information via email. In most cases, they will call you and ask you to go to the nearest branch to address any account security related issues. Even when someone calls you and introduces him or herself as a banking specialist asking for your personal information, you don't have to provide it. Hang up, call your bank using the number on the back of your bank card, tell them that you were contacted, and ask whether there is any issue they can help you address. The same goes for calls from any government agency, including the IRS. Stay safe!

A Sophisticated Phishing Attack
As reported by several cyber security researchers and the mainstream media, cyber criminals have unleashed a new, sophisticated phishing campaign targeting both individual and corporate Gmail users. In fact, it is so sophisticated that even savvy users are being tricked by it.
An email arrives with a link, and when it is clicked, it asks for your Gmail credentials. The trick is that the page looks exactly like the original Gmail sign-on page. When you enter your user ID and password, the attackers immediately log into your Gmail account. Once they are in, they begin gathering additional information to support further attacks. It appears that they look for the attachments you have previously shared with others and harvest email addresses from your contacts. The contacts they gather inevitably become new targets, and now the rogue emails come from someone the victim knows. It is very hard to notice foul play, since the URL in the email is disguised very well. In most cases, victims will not even look at the address bar at the top to validate the website's authenticity.

How to protect yourself against phishing attacks?
Fortunately, you can protect your account almost instantly by enabling 2-step verification for your Gmail account. Even if you do not use Gmail but another cloud email service, we recommend that you enable 2-step verification without delay.
When 2-step verification is enabled, unless cybercriminals have direct access to your smartphone, it is nearly impossible for them to use your password, even if you have fallen victim to a phishing attack. One caveat: a one-time code that you type into a page can still be captured and relayed by a phishing site that proxies the real login in real time, so a code from SMS or an authenticator app raises the bar rather than removing it; a hardware security key, which checks the site's origin before it answers, is the phishing-resistant option where it is available.

Instructions on enabling 2-step verification for Gmail (personal use): https://support.google.com/accounts/answer/185839?hl=en

Instructions on enabling 2-step verification for Gmail (corporate accounts). Note that for corporate accounts you need to share these instructions with your IT department; the Gmail administrator will be able to add the extra security centrally: https://support.google.com/a/answer/184711?hl=en

Have questions? Please contact us and we will be more than happy to assist. Stay safe!

Most Notable Cybersecurity Breaches of 2016
Data breaches have become quite common, and it is frustrating to think about the way attackers keep infiltrating networks and web applications and getting away with valuable information. Cyber-attacks are estimated to cost the industry on the order of a hundred billion dollars each year, breaches kept coming this year, and several denial of service attacks resulted in very significant damage to both infrastructure and reputation.
Office of Child Support Enforcement

A laptop and portable hard drives containing personal information were stolen in April 2016 from the Office of Child Support Enforcement in Washington. The intruders reportedly obtained a key with the help of a disgruntled employee. Information on as many as 5 million individuals is said to have been on those devices, including phone numbers, addresses, birth dates and social security numbers. This breach followed the federal government's announcement of a massive data breach that exposed the personal information of more than 21 million federal contractors and employees.

21st Century Oncology

21st Century Oncology, a Florida-based cancer care provider, disclosed a breach that exposed the information of 2.2 million patients across all 50 states and internationally. The company database was broken into in October 2015 (the breach was disclosed in March 2016), and the attackers stole personal information of patients including names, social security numbers, treatment data, diagnoses, physicians' names and insurance information. Thus far, there has been no indication of misuse of the leaked information.

LinkedIn and MySpace

A hacker using the alias "Peace" posted data for sale on the dark web in May; it allegedly included information on 167 million LinkedIn accounts. A week later, 360 million emails and passwords of MySpace users followed. The LinkedIn leak expands on the 6.5 million hashed (not encrypted) passwords that had been put online after the 2012 breach. The leaks were first reported by Motherboard, and according to LeakedSource, a paid search engine for hacked data, the credentials (emails, usernames and passwords) came mainly from those earlier breaches.
Internal Revenue Service

The Internal Revenue Service announced at the peak of tax season that it had suffered a major data protection breach exposing information on more than 700,000 individuals; the IRS stated that 724,000 accounts were affected. The information (social security numbers and other personal data) was accessed through the IRS Get Transcript service, which had been created to let taxpayers check their tax history online. Using data obtained in earlier breaches of IRS-approved online accounts and tax preparers, the attackers were able to pass the identity checks and access the accounts.

Federal Bureau of Investigation and Department of Homeland Security

In February 2016, a hacker who had threatened the FBI followed through and dumped the records of almost 30,000 FBI and Department of Homeland Security workers: around 20,000 FBI and 9,000 DHS employees, including names and contact information. The hacker, who provided the files to Motherboard, claimed to have access to further files totaling 200 GB.

Web Application Firewalls (WAF) have become essential to defend businesses of all sizes from sophisticated application layer attacks. Why is a WAF so important? Because of the many points of integration with internal and external systems, the web application is often seen as a gateway to mission critical information. When web application defence is weak, it is easy for an attacker to compromise the application and gain access to personal information and intellectual property. A WAF is a compensating control: it filters known attack patterns in front of the application, and it does not replace fixing the vulnerabilities in the code behind it. Protection against Distributed Denial of Service (DDoS) attacks, which the mainstream media cover frequently, is one of the key functions of a web application firewall; note that a WAF handles application layer (Layer 7) floods, while volumetric attacks have to be absorbed upstream by a CDN or scrubbing service. According to Imperva's Bot Traffic Report, nearly half of all website visitors are bots, and 29% are bad bots, including impersonators, hackers, thieves and spammers.

An alarming 90% of security events are caused by bad bots, making web application defence even more essential for businesses.
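As an added example (not Imperva's classifier and not code from the original post), the following Python script shows the kind of distinction the bot statistics rest on, run over constructed access-log lines in the common combined format: a crawler whose source address matches its claimed identity, an impersonator carrying the Googlebot user agent from an unrelated address, a scripted client hammering the login form fast enough to count as an application layer flood, and an ordinary browser. The crawler address ranges are a stand-in assumption; real verification of Googlebot and Bingbot is a reverse DNS lookup on the source address followed by a forward lookup of the returned name.

```python
"""Classify access-log lines into verified crawlers, impersonators, scripted
clients and floods. Added example; the log lines and crawler ranges are constructed."""
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Combined log format: ip ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Stand-in ranges for the example (assumption). Real verification is a reverse
# DNS lookup on the source address followed by a forward lookup of the result.
VERIFIED_CRAWLERS = {
    "Googlebot": [ipaddress.ip_network("66.249.64.0/19")],
    "bingbot": [ipaddress.ip_network("157.55.32.0/19")],
}
SCRIPTED_UA = ("python-requests", "curl/", "wget/", "go-http-client")


def parse(line):
    """Parse one log line into a dict, or None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def classify(lines, flood_threshold=5, window_seconds=10):
    """Return {ip: set(labels)}; labels are 'verified-crawler', 'impersonator',
    'scripted', 'flood' or 'human'."""
    labels = defaultdict(set)
    times_by_ip = defaultdict(list)
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        try:
            addr = ipaddress.ip_address(rec["ip"])
        except ValueError:
            continue
        ip = rec["ip"]
        times_by_ip[ip].append(rec["ts"])
        ua = rec["ua"]
        claimed = next((c for c in VERIFIED_CRAWLERS if c.lower() in ua.lower()), None)
        if claimed:
            # Impersonator: claims a known crawler from an address outside its ranges.
            ok = any(addr in net for net in VERIFIED_CRAWLERS[claimed])
            labels[ip].add("verified-crawler" if ok else "impersonator")
        elif not ua or ua == "-" or ua.lower().startswith(SCRIPTED_UA):
            labels[ip].add("scripted")
    # Sliding window over each source: more than flood_threshold requests in
    # window_seconds is treated as an application layer flood.
    for ip, times in times_by_ip.items():
        times.sort()
        start = 0
        for end in range(len(times)):
            while (times[end] - times[start]).total_seconds() > window_seconds:
                start += 1
            if end - start + 1 > flood_threshold:
                labels[ip].add("flood")
                break
        if not labels[ip]:
            labels[ip].add("human")
    return dict(labels)


GOOGLEBOT_UA = "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
# Constructed sample traffic (documentation/test address ranges).
SAMPLE_LINES = [
    f'66.249.66.1 - - [29/Jan/2017:10:00:01 +0000] "GET /robots.txt HTTP/1.1" 200 120 "-" "{GOOGLEBOT_UA}"',
    f'198.51.100.7 - - [29/Jan/2017:10:00:02 +0000] "GET /admin HTTP/1.1" 403 0 "-" "{GOOGLEBOT_UA}"',
    '192.0.2.44 - - [29/Jan/2017:10:00:03 +0000] "GET / HTTP/1.1" 200 5120 "-" '
    '"Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 Chrome/55.0 Safari/537.36"',
] + [
    f'203.0.113.9 - - [29/Jan/2017:10:00:{s:02d} +0000] "POST /login HTTP/1.1" 401 64 "-" "python-requests/2.12.4"'
    for s in range(4, 12)
]

if __name__ == "__main__":
    for ip, tags in classify(SAMPLE_LINES).items():
        print(ip, sorted(tags))
```

The user agent string is the claim and the source address plus request pattern is the evidence; a WAF or bot-management layer makes the same kind of decision at far higher volume, and adds signals such as JavaScript challenges that a plain log parser cannot.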
Author: Steve E. Driz, I.S.P., ITCP
1/29/2017